Abuse Melding

Je hebt een klacht over de onderstaande posting:

04-08-2001, 03:28 door nico

code red worm is inderdaat actief. Op mijn server komt de onderstaande info voor:ech.ed.hiroshima-u.ac.jp - - [04/Aug/2001:02:55:54 +0200] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090% HTTP/1.0" 404 0 0 "-" "-" Dit is dus de zoek actie van de worm. Info naar de server gaf als antwoord: > Welcome back. > > It's the Code Red worm looking to see if IIS is running on your IP. It does > this by requesting default.ida. If the file exists, it tries to infect your > copy of IIS. If it doesn't exist, it goes off and checks some other IP > address. > > It doesn't affect Sambar at all. Don't bother trying to redirect or create a > dummy file because there's no human at the end of the request - just sit it > out and it'll eventually stop when all Bill's crappy servers ...

Beschrijf je klacht (Optioneel):

captcha